Edge for Private Cloud v. 4.16.09
If you are using indirect binding, you need to provide an external LDAP username and password in management-server.properties that Apigee uses to log into the external LDAP and perform the indirect credential search.
The following steps explain how to encrypt your password:
- Execute the following Java utility, replacing the <YOUR EXTERNAL LDAP PASSWORD> with
your actual external LDAP password:
java -cp /opt/apigee/edge-gateway/lib/thirdparty/*:/opt/apigee/edge-gateway/lib/kernel/*:/opt/apigee/edge-gateway/lib/infra/libraries/* com.apigee.util.CredentialUtil --password="<YOUR EXTERNAL LDAP PASSWORD>" - In the output of the command, you will see a newline followed by what looks like a random character string. Copy that string.
- Edit /opt/apigee/customer/application/management-server.properties.
- Update the following property, replacing <myAdPassword> with the string you
copied from step 2, above.
conf_security_externalized.authentication.indirect.bind.server.admin.password=<myAdPassword> - Be sure the following property is set to true:
conf_security_externalized.authentication.indirect.bind.server.admin.password.encrypted=true - Save the file.
- Restart the Management Server:
>/opt/apigee/apigee-service/bin/apigee-service edge-management-server restart - Verify that the server is running:
> /opt/apigee/apigee-service/bin/apigee-all status
Testing the installation
See the testing section at the end of Enabling external authentication, and perform the same test described there.